<?php 
// Entry guard: this admin page may only run when the including script has
// defined both LEVEL and OK and LEVEL is at least 20. Anything else is sent
// back to the site root and execution stops here.
// defined("LEVEL") is tested first so LEVEL is never read while undefined.
if (!(defined("LEVEL") && !(LEVEL < 20) && defined("OK"))) {
	header('location: ?');
	exit();
}
//print_r($_POST);

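// Drop any $extra that exists before this page runs; the isset($extra) checks
// further down then only see a value assigned by this file.
unset($extra);

// $_GET['id'] and $_GET['a'] are request-controlled and land inside a
// single-quoted JavaScript string within an onclick attribute. rawurlencode()
// leaves letters, digits and -_.~ as they are and percent-encodes everything
// else (quotes, angle brackets, ',' and ';'), so a crafted value can no longer
// close the string or the attribute. Numeric ids pass through unchanged.
$saugus_id = (isset($_GET['id']) && is_scalar($_GET['id'])) ? rawurlencode((string)$_GET['id']) : '';
$saugus_a = (isset($_GET['a']) && is_scalar($_GET['a'])) ? rawurlencode((string)$_GET['a']) : '';

// Navigation buttons for the four admin views (v,1 .. v,4).
$buttons = <<<HTML
<button onclick="location.href='?id,{$saugus_id};a,{$saugus_a};v,1'">Sukurti naujieną</button>
<button onclick="location.href='?id,{$saugus_id};a,{$saugus_a};v,2'">Redaguoti naujieną</button>
<button onclick="location.href='?id,{$saugus_id};a,{$saugus_a};v,3'">Sukurti kategoriją</button>
<button onclick="location.href='?id,{$saugus_id};a,{$saugus_a};v,4'">Redaguoti kategoriją</button>
HTML;

lentele('Naujienų administravimas',$buttons);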
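// POST handlers for the news admin page. Exactly one branch of the chain runs
// per request.
//
// NOTE(review): none of the handlers below checks an anti-CSRF token; the only
// gate visible in this file is the LEVEL/OK check at the top. Confirm that the
// including framework validates request origin before these writes execute.
// NOTE(review): several branches print mysql_error() into the page. Only users
// with LEVEL >= 20 reach this file, but raw database errors are better logged
// than displayed.

// Element whitelist handed to safe_html():
//  - 1: the element has a separate closing tag (<p></p>)
//  - 0: the element needs no closing tag (<hr>)
$tags = array(
	"p"=>1, "br"=>0, "a"=>1, "img"=>0,
	"li"=>1, "ol"=>1, "ul"=>1,
	"b"=>1, "i"=>1, "em"=>1, "strong"=>1,
	"del"=>1, "ins"=>1, "u"=>1, "code"=>1, "pre"=>1,
	"blockquote"=>1, "hr"=>0, "span"=>1, "font"=>1,"h1"=>1,"h2"=>1,"h3"=>1,
	"table"=>1, "tr"=>1, "td"=>1, "th"=>1,"tbody"=>1, "div"=>1
);

// Delete a news item (LEVEL 30 only).
// The id must pass the same isNum()/positive test the edit branch uses, and is
// cast to int before it reaches the query, instead of handing the raw POST
// value to escape().
if (isset($_POST['action']) && $_POST['action'] == 'Trinti' && LEVEL == 30 && isset($_POST['edit_new']) && isNum($_POST['edit_new']) && $_POST['edit_new'] > 0) {
	$trinamas = (int)$_POST['edit_new'];
	mysql_query1("DELETE FROM `".LENTELES_PRIESAGA."naujienos` WHERE id=".escape($trinamas)." LIMIT 1");
	// mysql_affected_rows() must be read before the next query overwrites it.
	if (mysql_affected_rows() > 0) { msg("Informacija","Naujiena sėkmingai ištrinta"); }
	else { klaida("Klaida","Naujienos trinimo klaida"); }
	// Remove the comments attached to that news item on the current page id.
	mysql_query1("DELETE FROM `".LENTELES_PRIESAGA."kom` WHERE pid=".(int)$_GET['id']." AND kid=".escape($trinamas)."");
	redirect("?id,46;a,2","meta");
}

// Load a news item into $extra so the form below is pre-filled for editing.
elseif (isset($_POST['edit_new']) && isNum($_POST['edit_new']) && $_POST['edit_new'] > 0) {
	$extra = mysql_query1("SELECT `id`, `pavadinimas`, `naujiena`, `daugiau`, `kom` FROM `".LENTELES_PRIESAGA."naujienos` WHERE `id`=".escape((int)$_POST['edit_new'])." LIMIT 1");
	$extra = mysql_fetch_assoc($extra);
}
// Load a category into $extra so the category form is pre-filled for editing.
elseif (isset($_POST['Kategorijos_id']) && isNum($_POST['Kategorijos_id']) && $_POST['Kategorijos_id'] > 0 && isset($_POST['Kategorija']) && $_POST['Kategorija'] == 'Redaguoti') {
	$extra = mysql_query1("SELECT * FROM `".LENTELES_PRIESAGA."naujienos_kat` WHERE `id`=".escape((int)$_POST['Kategorijos_id'])." LIMIT 1");
	$extra = mysql_fetch_assoc($extra);
}

// Save an edited news item.
elseif (isset($_POST['action']) && $_POST['action'] == 'Redaguoti') {
	// HTML filter used against harmful markup.
	include_once('priedai/safe_html.php');

	$naujiena = safe_html(str_replace("&#39;", "'", $_POST['naujiena']), $tags);
	$placiau = safe_html(str_replace("&#39;", "'", $_POST['placiau']), $tags);
	// strip_tags() added so this field is treated exactly as in the create branch.
	$komentaras = input(strip_tags($_POST['kom']));
	$pavadinimas = input(htmlspecialchars($_POST['pav']));
	// The original wrapped this in ceil(), which does nothing for an int.
	$id = (int)$_POST['news_id'];

	// Comments switched off for this item: drop the ones already stored.
	if ($komentaras == 'ne') { mysql_query1("DELETE FROM `".LENTELES_PRIESAGA."kom` WHERE pid=".escape((int)$_GET['id'])." AND kid=".escape($id)); }

	// NOTE(review): $_SESSION['username'] is appended after safe_html() has run,
	// so it reaches the stored HTML unfiltered. Confirm usernames are
	// HTML-encoded when they are created, or encode the value here.
	mysql_query1("UPDATE `".LENTELES_PRIESAGA."naujienos` SET
			`pavadinimas` = ".escape($pavadinimas).",
			`naujiena` = ".escape($naujiena."<br />Redagavo: ".$_SESSION['username']."").",
			`daugiau` = ".escape($placiau).",
			`kom` = ".escape($komentaras)."
			WHERE `id`=".escape($id).";
			") or klaida("Klaida",mysql_error());
}

// Store a new news item.
elseif (isset($_POST['action']) && $_POST['action'] == 'Pateikti') {
	// HTML filter used against harmful markup.
	include_once('priedai/safe_html.php');

	$naujiena = safe_html(str_replace("&#39;", "'", $_POST['naujiena']), $tags);
	$placiau = safe_html(str_replace("&#39;", "'", $_POST['placiau']), $tags);
	$komentaras = input(strip_tags($_POST['kom']));
	$pavadinimas = input(htmlspecialchars($_POST['pav']));

	// Title and body are both required.
	if (empty($naujiena) || empty($pavadinimas)) { $error = "Nepilnai užpildyti laukeliai"; }
	if (!isset($error)) {
		$result = mysql_query1("INSERT INTO `".LENTELES_PRIESAGA."naujienos` (pavadinimas, naujiena, daugiau, data, autorius, kom)
		VALUES (".escape($pavadinimas).", ".escape($naujiena).", ".escape($placiau).",  '" . date("Y-m-d H:i:s") ."', ".escape($_SESSION['username']).", ".escape($komentaras).")");
		if ($result) { msg("Informacija","Naujiena sėkmingai patalpinta"); }
		else { klaida("Klaida","Naujiena nepatalpinta. Klaida:<br><b>" . mysql_error() ."</b>"); }
	}
	else { klaida("Klaida",$error); }
}

// Save an edited category.
elseif (isset($_POST['action']) && $_POST['action'] == 'Redaguoti kategoriją') {
	// HTML filter used against harmful markup.
	include_once('priedai/safe_html.php');

	$pavadinimas = strip_tags($_POST['Pavadinimas']);
	$teises = (int)$_POST['Teises'];
	// The original built $tags here but called safe_html() without it; the
	// whitelist is now passed explicitly instead of relying on whatever
	// safe_html() does when the argument is missing (not visible in this file).
	$aprasymas = safe_html(str_replace("&#39;", "'", $_POST['Aprasymas']), $tags);
	// NOTE(review): 'Pav' is not checked against the file list the form offers.
	$pav = input(htmlspecialchars($_POST['Pav']));
	$id = (int)$_POST['Kategorijos_id'];

	$result = mysql_query1("UPDATE `".LENTELES_PRIESAGA."naujienos_kat` SET
			`pavadinimas` = ".escape($pavadinimas).",
			`teises` = ".escape($teises).",
			`aprasymas` = ".escape($aprasymas).",
			`pav` = ".escape($pav)."
			WHERE `id`=".escape($id).";
			");
	if ($result) { msg("Informacija","Kategorija sėkmingai atnaujinta"); }
	else { klaida("Klaida","Kategorijos atnaujint nepavyko. Klaida:<br><b>" . mysql_error() ."</b>"); }

}

// Store a new category.
elseif (isset($_POST['action']) && $_POST['action'] == 'Pateikti kategoriją') {
	// HTML filter used against harmful markup.
	include_once('priedai/safe_html.php');

	$pavadinimas = strip_tags($_POST['Pavadinimas']);
	$teises = (int)$_POST['Teises'];

	// Whitelist passed explicitly, as in the category edit branch.
	$aprasymas = safe_html(str_replace("&#39;", "'", $_POST['Aprasymas']), $tags);
	$pav = input(htmlspecialchars($_POST['Pav']));

	$result = mysql_query1("INSERT INTO `".LENTELES_PRIESAGA."naujienos_kat` (pavadinimas, teises, aprasymas, pav)
	VALUES (".escape($pavadinimas).", ".escape($teises).", ".escape($aprasymas).",  ".escape($pav).")");
	if ($result) { msg("Informacija","Kategorija sėkmingai sukurta"); }
	else { klaida("Klaida","Kategorijos sukurti nepavyko. Klaida:<br><b>" . mysql_error() ."</b>"); }

}
// Clear handler temporaries. $teises is included because the category branches
// leave an int in it, and the code after this block uses $teises as an array.
unset($naujiena,$placiau,$komentaras,$pavadinimas,$result,$error,$teises,$tags,$trinamas);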

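// Build the option lists used by the forms further down. Every list starts as
// a fresh array: an empty table then yields an empty list instead of an
// undefined variable, and a value left in the same variable name earlier in
// the request cannot leak in.

// News items: id => title, newest first.
$naujienos = array();
$sql = mysql_query1("SELECT id,pavadinimas FROM  `".LENTELES_PRIESAGA."naujienos` ORDER BY ID DESC");
while ($row = mysql_fetch_assoc($sql)) {
	$naujienos[$row['id']] = $row['pavadinimas'];
}

// Access levels: 0 means everyone may read, followed by each level found in
// the users table. The category POST branches above store an int in $teises,
// so the variable is re-created here rather than indexed into.
// DISTINCT returns one row per level instead of one row per user.
$teises = array(0 => 'Visi gali skaityti');
$sql = mysql_query1("SELECT DISTINCT `levelis` FROM  `".LENTELES_PRIESAGA."users` ORDER BY `levelis` DESC");
while ($row = mysql_fetch_assoc($sql)) {
	$teises[$row['levelis']] = $row['levelis'];
}

// Categories: id => name.
$kategorijos = array();
$sql = mysql_query1("SELECT * FROM  `".LENTELES_PRIESAGA."naujienos_kat` ORDER BY `pavadinimas` DESC");
while ($row = mysql_fetch_assoc($sql)) {
	$kategorijos[$row['id']] = $row['pavadinimas'];
}

// Category pictures: file name => "name - size" for every plain file that
// getFiles() reports in images/naujienu_kat.
$kategoriju_pav = array();
$array = getFiles('images/naujienu_kat');
if (is_array($array)) {
	foreach ($array as $key => $val) {
		if ($val['type'] == 'file') {
			$kategoriju_pav[$val['name']] = $val['name'].' - '.$val['sizetext'];
		}
	}
}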
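// Render the view selected by $_GET['v']:
//   1 = write/edit a news item, 2 = pick a news item to edit or delete,
//   3 = create/edit a category, 4 = pick a category to edit or delete.
if (isset($_GET['v'])) {
	include_once("priedai/class.php");
	$bla = new forma();

	// $_GET['id'] and $_GET['a'] are request-controlled and go into form action
	// URLs. rawurlencode() leaves letters, digits and -_.~ untouched and
	// percent-encodes everything else, so the values cannot carry markup or
	// quotes whether or not forma::form() escapes attributes itself.
	$saugus_id = (isset($_GET['id']) && is_scalar($_GET['id'])) ? rawurlencode((string)$_GET['id']) : '';
	$saugus_a = (isset($_GET['a']) && is_scalar($_GET['a'])) ? rawurlencode((string)$_GET['a']) : '';

	// Category views: simple editor on the description field.
	if ($_GET['v'] == 3 || $_GET['v'] == 4) {
		echo <<<HTML
<script language="JavaScript">
// Notice: The simple theme does not use all options some of them are limited to the advanced theme
tinyMCE.init({
	mode : "exact",
	elements : 'Aprasymas',
	theme : "simple",
	apply_source_formatting : true,
	tab_focus : ':prev,:next',
	entity_encoding: "raw"
});
</script>
HTML;
	}
	// News views: full editor on the body and "read more" fields.
	// NOTE(review): extended_valid_elements below lets the editor keep onclick,
	// onmouseover and onmouseout attributes. Editor-side filtering is not a
	// security boundary, so the stored markup is only as safe as safe_html() on
	// the server; confirm it strips event-handler attributes.
	if ($_GET['v'] == 1 || $_GET['v'] == 2) {
		echo <<<HTML
<script language="JavaScript">
// Notice: The simple theme does not use all options some of them are limited to the advanced theme
tinyMCE.init({
	mode : "exact",
	elements : "naujiena,placiau",
	theme : "advanced",
	theme_advanced_resizing : true,
	theme_advanced_resize_horizontal : false,
	theme_advanced_path_location : "bottom",
	
	//convert_newlines_to_brs:'true',
	//force_br_newlines:'true',
	force_p_newlines:'false',
	height:'350',
	plugin_insertdate_dateFormat:'%Y-%m-%d',
	plugin_insertdate_timeFormat:'%H:%M:%S',

	
	plugins : "inlinepopups,emotions,advimage,media,table,insertdatetime,style",
	content_css:'stiliai/{$conf['Stilius']}/default.css',
	theme_advanced_buttons1 : "bold,italic,underline,separator,strikethrough,justifyleft,justifycenter,justifyright, justifyfull,bullist,numlist,undo,redo,link,unlink",
	theme_advanced_buttons2_add : "separator,insertdate,separator,forecolor,backcolor,separator,emotions,media",
	theme_advanced_buttons3 : "tablecontrols",
	theme_advanced_buttons4 : "styleselect,fontsizeselect,formatselect",
	theme_advanced_toolbar_location : "top",
	theme_advanced_toolbar_align : "left",
	theme_advanced_statusbar_location : "bottom",
	invalid_elements:'script,object,applet,iframe',
	extended_valid_elements : "a[name|href|target|title|onclick],img[class|src|border=0|alt|title|hspace|vspace|width|height|align|onmouseover|onmouseout|name],hr[class|width|size|noshade],font[face|size|color|style],span[class|align|style]",
	theme_advanced_disable : "help",
	apply_source_formatting : true,
	tab_focus : ':prev,:next',
	entity_encoding: "raw"
});
</script>
HTML;
	}
	if ($_GET['v'] == 2) {
		// Picker: choose a news item, then edit it (posts to view 1) or delete it.
		$redagavimas = array(
		"Form"=>array("action"=>"?id,{$saugus_id};a,{$saugus_a};v,1","method"=>"post","name"=>"reg"),
		"Naujiena:"=>array("type"=>"select","value"=>$naujienos,"name"=>"edit_new"),
		"Redagavimas:"=>array("type"=>"submit","name"=>"action","value"=>"Redaguoti"),
		"Trinimas:"=>array("type"=>"submit","name"=>"action","value"=>"Trinti")
		);
		lentele('Naujienų redagavimas',$bla->form($redagavimas));
	}
	elseif ($_GET['v'] == 1) {
		// News form, pre-filled from $extra when an item was loaded for editing.
		// The category select used to share the name "kom" with the comments
		// select, so the later field overwrote the comments setting on submit;
		// it now posts as "kategorija". No handler in this file reads that field.
		$naujiena = array(
		"Form"=>array("action"=>"","method"=>"post","name"=>"reg"),
		"Pavadinimas:"=>array("type"=>"text","value"=>input((isset($extra))?$extra['pavadinimas']:''),"name"=>"pav","style"=>"width:100%"),
		"Komentarai:"=>array("type"=>"select","value"=>array('taip'=>'TAIP','ne'=>'NE'),"name"=>"kom","class"=>"input","style"=>"width:100%"),
		"Kategorija:"=>array("type"=>"select","value"=>$kategorijos,"name"=>"kategorija","class"=>"input","style"=>"width:100%","selected"=>(isset($extra['kategorija'])?input($extra['kategorija']):'')),
		"Naujiena:"=>array("type"=>"textarea","value"=>(isset($extra))?input($extra['naujiena']):'',"name"=>"naujiena","id"=>"naujiena","rows"=>"3","class"=>"naujiena","style"=>"width:100%"),
		"Plačiau:"=>array("type"=>"textarea","value"=>(isset($extra))?input($extra['daugiau']):'',"name"=>"placiau","id"=>"placiau","rows"=>"3","class"=>"placiau","style"=>"width:100%"),
		""=>array("type"=>"hidden","name"=>"news_id","value"=>(isset($extra)?input($extra['id']):'')),
		(isset($extra))?'Redaguoti':'Pateikti'=>array("type"=>"submit","name"=>"action","value"=>(isset($extra))?'Redaguoti':'Pateikti'),
		);
		lentele('Naujienų rašymas',"<a href=\"#\" onclick=\"tinyMCE.execCommand('mceAddControl',true,'placiau'); return false;\">Test</a>".$bla->form($naujiena));
	}
	elseif ($_GET['v'] == 3) {
		// Category form, pre-filled from $extra when a category was loaded.
		// $kategorijos is reused here for the form definition; the id => name
		// list it held is not needed in this view.
		$kategorijos = array(
		"Form"=>array("action"=>'',"method"=>"post","name"=>"reg"),
		"Pavadinimas:"=>array("type"=>"text","value"=>(isset($extra['pavadinimas']))?input($extra['pavadinimas']):'',"name"=>"Pavadinimas","style"=>"width:100%"),
		"Teisės:"=>array("type"=>"select","value"=>$teises,"name"=>"Teises","class"=>"input","style"=>"width:100%","selected"=>(isset($extra['teises'])?input($extra['teises']):'')),
		"Aprašymas:"=>array("type"=>"textarea","value"=>(isset($extra['aprasymas']))?input($extra['aprasymas']):'',"name"=>"Aprasymas","rows"=>"3","class"=>"input","style"=>"width:100%","id"=>"Aprasymas"),
		"Paveiksliukas:"=>array("type"=>"select","value"=>$kategoriju_pav,"name"=>"Pav","class"=>"input","style"=>"width:100%","selected"=>(isset($extra['pav'])?input($extra['pav']):'Universal.png')),
		""=>array("type"=>"hidden","name"=>"Kategorijos_id","value"=>(isset($extra['id'])?input($extra['id']):'')),
		(isset($extra))?'Redaguoti kategoriją':'Sukurti kategoriją'=>array("type"=>"submit","name"=>"action","value"=>(isset($extra))?'Redaguoti kategoriją':'Pateikti kategoriją'),
		);
		// NOTE(review): the <img src> below prints $extra['pav'] without input(),
		// unlike the label next to it. The value is HTML-encoded when it is
		// saved, so this relies on every writer of that column doing the same.
		lentele('Naujienų kategorijos','<center><h2>Kategorijos paveiksliukas</h2>'.(isset($extra['pav'])?input($extra['pav']):'Universal.png').'<table><tr><td><div class="avataras"><img src="images/naujienu_kat/'.(isset($extra['pav'])?$extra['pav']:'Universal.png').'" /></div></td></tr></table></center>'.$bla->form($kategorijos));
	}
	elseif ($_GET['v'] == 4) {
		// Picker: choose a category, then edit it (posts to view 3) or delete it.
		$kategorijos_redagavimas = array(
		"Form"=>array("action"=>"?id,{$saugus_id};a,{$saugus_a};v,3","method"=>"post","name"=>"reg"),
		"Kategorija:"=>array("type"=>"select","value"=>$kategorijos,"name"=>"Kategorijos_id"),
		"Redagavimas:"=>array("type"=>"submit","name"=>"Kategorija","value"=>"Redaguoti"),
		"Trinimas:"=>array("type"=>"submit","name"=>"Kategorija","value"=>"Trinti")
		);

		lentele('Kategorijų redagavimas',$bla->form($kategorijos_redagavimas));
	}
}


// Clear the query handle, the loaded record and the URL temporaries.
unset($sql,$extra,$row,$saugus_id,$saugus_a);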
?>